Windows passwords 'feeble' - boffins

by
Macworld staff
, | 25 Jul 03

Top researchers have shown Mac OS X passwords are 4,096 times harder to crack than Windows passwords.

The Swiss Federal Institute of Technology devised a way of breaking Windows passwords in just 13.6 seconds. The method involved using large lookup-tables to match encoded passwords to the original text of passwords. Armed with a large lookup-table, a cracker can break passwords on any Windows computer.

A senior institute researcher said: "Windows passwords are not very good, but Unix, Linux and Mac OS X add a 12-bit salt to the calculation, meaning brute-force attempts to break the encryption take 4,096 times longer, or requires 4,096 times more memory."

The Institute has published a Web interface to demonstrate its findings. Called the Advanced Instant NT Password Cracker, it will attempt to crack Windows NT password on request.

The researchers recommend including non-alphanumeric characters in passwords, which adds a level of complexity.